Foreign hackers successfully infiltrate US energy sector in a series of cyber attacks

Researchers at cyber security firm Symantec announced that highly skilled hackers have successfully infiltrated roughly 20 energy companies in both the United States and Europe. According to the report, this breach including access to core systems which effect and control operations. This act of cyber espionage has troubling implications for the security of the country’s energy infrastructure.

These attacks are suspected to have been carried out by the hacking group known as Dragonfly on behalf of an unnamed foreign government according to Eric Chien, a cyber security research at Symantec. Dragonfly began testing the strength of the United States energy grid in 2015 but they have increased in both severity and frequency as of April.

Concerns about the vulnerability of industrial firms, including power and utility providers, have been increasingly concerning to government officials. In June the U.S. government issued an official warning to industrial firms about the possibility of a hacking campaign.

E-mail is the primary entry route for Dragonfly, who disguise malicious programs into messages that appear mundane on the surface- things such as job applications or invitations to events relevant to the targeted industry. When opened these attachments secretly install backdoor ‘trojan’ software that can steal credentials or take remote control of the infected machine.

“Sabotaging the operations of energy providers would cause great disruption to large numbers of people, as was seen with the compromise of Ukraine’s power system in 2015 and 2016. The impact of an attack against an atomic energy provider could potentially be a lost worse” said Candid Wüest, a threat research at Symantec.

The group carried out similar hacking campaigns in Turkey and Switzerland. The report published by Symantec recommends that energy providers view these attacks as “a core business risk” that pose the same threat to their infrastructure as floods and fire. They further warn that a cross-sector cybersecurity framework needs to be established in order properly safeguard our energy infrastructure.

The Department of Homeland Security has already responded to the report stating that it is under review, but that “at this time there is no indication of a threat to public safety.”